Block SSH Server Attacks (Brute Force Attacks) Using DenyHosts

If You Appreciate What We Do Here On TecMint, You Should Consider:

  1. Stay Connected to: Twitter | Facebook | Google Plus
  2. Subscribe to our email updates: Sign Up Now
  3. Get your own self-hosted blog with a Free Domain at ($3.95/month).
  4. Become a Supporter - Make a contribution via PayPal
  5. Support us by purchasing our premium books in PDF format.
  6. Support us by taking our online Linux courses

We are thankful for your never ending support.

Ravi Saive

I am Ravi Saive, creator of TecMint. A Computer Geek and Linux Guru who loves to share tricks and tips on Internet. Most Of My Servers runs on Open Source Platform called Linux. Follow Me: Twitter, Facebook and Google+

Your name can also be listed here. Got a tip? Submit it here to become an TecMint author.

RedHat RHCE and RHCSA Certification Book
Linux Foundation LFCS and LFCE Certification Preparation Guide

You may also like...

17 Responses

  1. Seann Giffin says:

    This is good. I took it one step further too. I took all the blocklists maintained by http://www.wizcrafts.net/iptables-blocklists.html and saved them into a single file, then wrote this shell script to filter the comments out of the list and use iptables to block entire ranges:

    #/bin/bash
    file="wiznets.txt"
    while read line; do
    echo " "
    echo "Current Line: $line"
    if [[ ${line:0:1} == [0-9]* ]]; then        
    iptables -I INPUT -s $line -j DROP
    echo "$line is a valid IP range. Added to iptables block list."
    else
    echo "$line was skipped. Not a valid IP."
    fi
    done <"$file"
    
  2. Itamar says:

    Thanks for the info! What happens if you log in from an ISP that changes your IP once in a while? You’d be locked out of the whitelist unbeknown to you. Any way around this apart from console access?

    • Ravi Saive says:

      @Itamar,

      There isn’t any workaround either you need allow whole range or add manually those IP addresses to whitelist..

Got something to say? Join the discussion.

Your email address will not be published. Required fields are marked *